Identity authentication device

ABSTRACT

An identity authentication device is stylus-shaped. A processor is disposed within the device. The stylus-shaped device includes a scanner-type device component for capturing within the processor memory a written signature generated by the stylus while the stylus is writing upon a surface. A fingerprint sensor is disposed within the grip of the stylus. The fingerprint sensor enables the capture of a digital signature of the writer at the same time that the written signature of the writer is captured. Once the identity of the writer has been authenticated by comparison against a reference print, the signature of the writer irrefutable. The device serves the same general purpose and can be used in lieu of a signature pad. The device is either attached to a surface or is portable and wireless.

This patent application claims priority under and is aContinuation-in-part of U.S. patent application Ser. No. 09/865,756,entitled “Identity Authentication Device,” invented by Gerald R. Blackand filed on Mar. 25, 2001.

FIELD OF THE INVENTION

The invention relates generally to various systems for verifying theidentification of a person, and more particularly, to a stylus-shapeddevice that captures text generated and enables confirmation of theidentity of the writer.

BACKGROUND OF THE INVENTION

Many identification systems are known in the art. In some cases, aphotograph of a subject or his fingerprint pattern is affixed to anidentification card. In other approaches, various methods are employedfor storing image or password information in a magnetic stripe or in anoptically encoded image or pattern, which is physically part of theidentification card. Still other approaches utilize a “smart card”having its own semiconductor memory capability for information storage.

U.S. Pat. No. 6,175,922 (Wang) discloses an electronic transactionsystem for completing a transaction request at a point-of-sate terminalusing a portable electronic authorization device carried by a user. Thedevice first receives digital data representing the transaction request.The electronic authorization device provides information to the userregarding an ability to approve the transaction request. When the userapproves the transaction, the electronic authorization device receivesadditional data representing the electronic service authorization token.

U.S. Pat. No. 5,706,349 (Aditham et al.) Discloses a system forauthenticating remote users in a distributed environment. A token isinitially issued to a remote user once a security mechanism initiallycan determine that the remote user is who he claims to be. Thereafter, aconnection between a remote user and an application server requires theapplication server to first verify that a token associated with aconnection request was issued by the security mechanism. If the tokenassociated with the connection call was issued by the securitymechanism, the remote user is connected to the application server.

U.S. Pat. No. 6,202,055 (Houvener, et al.) Discloses a system forprocessing a financial instrument other than cash. A customer at a pointof identification terminal initially submits the instrument—perhaps acheck. The checking account number is communicated to a remote databasecontaining digital photographic images of authorized users of checkingaccounts. The remote database is searched and any digital photographicimages associated with the checking account number are transmitted tothe point of identification terminal. The images are displayed andcompared to the physical appearance of the customer. The on-siteemployee then submits determines if at least one of the displayeddigital matches the appearance of the person initiating the transaction.The transaction data is then stored as a transaction record.

While a written signature is still regarded as the preferred way for aperson to convey approval and a legal commitment, there still remains aneed to confirm absolutely that can assure that the person signing isthe person authorized to make a commitment.

Also, text-capture devices having the general shape of a stylus are nowcommercially available. These devices track the movement of the point ofa wireless pen to recreate any text that is written upon any surface.Authentication of the writer's identity is needed to enable only theperson who generated the text to have access to the text.

What is needed is a system that captures a digital signature (which isthe international standard of identification) at the same time that theelectronic signature (the written text) is captured, the combinedsignature being irrefutable.

SUMMARY OF THE INVENTION

The system of the present invention addresses these needs. The identityauthentication device is stylus-shaped. A processor is disposed withinthe device. The stylus-shaped device includes a scanner-type devicecomponent for capturing within the processor memory a written signaturegenerated by the stylus while the stylus is writing upon a surface. Afingerprint sensor is disposed within the grip of the stylus. Thefingerprint sensor enables the capture of a digital signature of thewriter at the same time that the written signature of the writer iscaptured. Once the identity of the writer has been authenticated bycomparison against a reference print, the signature of the writerirrefutable. The device serves the same general purpose and can be usedin lieu of a signature pad. The device is either attached to a surfaceor is portable and wireless.

Text capture involves reconstructing text generated with a pen on anysurface based upon the motion and position of the pen. This is incontrast to data capture by preserving the images inscribed upon thedigital surface. As a result of miniaturization, the computer inputdevice is a handheld computer. The pen transforms the handwriting of thewriter into text for display on a computer screen for editing orprintout. The main attraction of these pens is for users who usuallytake notes by hand while traveling and type them up when returning tothe office. Also, people can use the pen in the office and skip the stepof typing up their notes.

Mobile computing applications: mobile computing extends the reach ofcomputers as users must be connected to local networks all the timewherever they go. Also, users want to take with them the same tools thatthey have at their desks. The biometric pen device of the presentinvention ensures the integrity of all data and that data access iseasy, transparent, reliable, and secure. In text capture, movement ofthe point of a pen is captured and used to recreate any text that iswritten upon any surface. Authentication of the writer's identity isneeded to decipher the writing and to secure data access.

The identity authentication system of the present invention devices maybe used wherever there is a need for personal identity authenticationand signature capture. Applications are everywhere and include:

-   -   financial transactions (at POS terminals and off-site)    -   mobile computing networks    -   controlled environments for data access and entry (e.g.        Hospitals and banks)        The identity authentication device of the present invention is        compatible with both card-based and pen-based systems.

For use with a card at a POS terminal—the pen is attached to a counterand used by many people. A reference image is pre-registered and storedinside the card carried by each user.

For use with a pen-based computer the reference image is pre-registeredand stored inside the pen-based computer or the host computer.

Pen-based signature verification systems are now appearing at POSterminals. These systems use signature as the basis to confirm identity.However, signature has proven to be unreliable and is affected by mood,stress, fatigue, time of day, and many other factors. Anotherdisadvantage of signature verification systems is that a thief isprovided with a blueprint for access once a copy of the signature isobtained.

The identity authentication system of the present inventionauthenticates writer identity at point-of-sale transactions using theultimate in biometric technologies. Identity is authenticated against anencrypted reference image while the pen is being used. A biometricsensor is positioned inside the pen grip.

The identity authentication system of the present invention isuser-friendly, simple, fast, and nonobtrusive, actually discouragesfraud, and positively confirms the identity of the writer. The identityauthentication system of the present invention is compatible withexisting POS terminals. The identity authentication system of thepresent invention requires no additional hardware except for the pen.The identity authentication system of the present invention iscompatible with credit card and smart card use. The logic isbasic—either there is a match and the transaction proceeds, or there isno match and the transaction is blocked.

The identity authentication system of the present invention verifieswriter identity independent of the content of the writing, and providessignature capture to prevent subsequent repudiation. The certainty ofthe identity authentication system of the present invention verificationenables owners of the wireless pens to eventually make credit cardsoptional.

As used herein, the term “smart pen” refers to a stylus with a processortherein for capturing the writing of the customer within the processorin the stylus as such writing is generated. The smart pen can also beused to capture the signature of the payee. As such, the smart pen canreplace a conventional signature pad. Wherever the customer submitswritten identifiers, or there is information that needs to be capturedfrom the writing submitted by the customer (account number, withdrawalor deposit) the smart pen may be used. Wherever a smart-pen is needed, ascanner-type smart pen is preferred since it captures all writing on thedocument (not just the writing submitted by the customer).

For use in commercial transactions at a POS terminal, a customerregisters selecting a customer account that is to be used for payment.The customer also submits a digital signature for referencepurposes—preferably, a fingerprint. The customer is then issued atransponder that links the customer to the customer account and to thereference digital signature. When the customer is at the point-of-saleterminal for making payment, an interrogator disposed at thepoint-of-sale terminal transmits a radio signal requesting identityverification. The wireless transponder submits data to the interrogator.Thereafter, when the customer uses a stylus to submit written data (suchas a signature), a sensor in the stylus makes incidental capture ofbiometric data that enables the interrogator to confirm customeridentity. Similarly, the system can be used to confirm identity when thecustomer wants to cash a personal check.

Positioned at the center of the process is a stylus with any of a numberof biometric or with one or more metric sensors, that enable anincidental capture of data relative to identity verification while thestylus is being used. The identity verification processes of the presentinvention can be used at POS terminals, in various controlledenvironments, to access a computer network, in applications involvingpen-based computers and smart-pens, for e-commerce, conventional writingimplements, and multi-purpose writing implements.

While the systems set forth herein are described in conjunction with POSterminals for purposes of illustration, it is understood that theprinciples set forth herein are all applicable to a broad range of otheractivities where a writing or signature are required or preferred, suchas internet and intranet commerce, access control, government activities(voting, drivers' registration, receipt of government benefits) and foruse in controlled environments (such as hospitals, and banks).

PCT Application no. PCT/US99/17900 entitled “Identification ConfirmationSystem” filed on Apr. 7, 1999; U.S. patent application Ser. No.09/490,687, entitled “writing implement and identity verificationsystems” filed on Jan. 24, 2000; U.S. patent application Ser. No.09/535,411, entitled “Method for Identity Verification” filed on Mar.20, 2000; and pct application no. PCT/US00/19652 entitled “identityauthentication system and method” filed Jul. 18, 2000 by the applicantdisclose various systems and configurations for identity authenticationusing a combination of pen-based and card-based systems. As depictedherein, the systems include a card, a stylus including one or morefingerprint sensors for use with a signature pad. In one embodiment, thesystem comprises a stylus, a card with enhanced storage capacity, and asignature pad.

The stylus includes one or more fingerprint sensor that captures animage of a finger of the customer when the stylus is grasped. Whilefingerprint sensors are used herein for purposes of illustration it isexpressly understood that the principles of this invention are alsoapplicable to sensing of DNA and other biotech properties—that involvecell capture or cell analysis sensors. During routine usage of thestylus, the sensor captures the data necessary to compare with thedigital signature to determine identity verification.

As used herein unless the context indicates otherwise, a “stylus” is anydevice that is compatible with either the hand or finger of the user forpurposes of making a marking on an essentially flat surface. The flatsurface may be a digital surface or a piece of paper. While the drawingsdepict a conventional shape of a stylus, other shapes and designs arealso included within the scope of the present invention such as anyattachment or thimble-like device for a finger or any implement that canbe held with a hand for such purpose. The stylus may or may not includean ink cartridge. Also, as used herein unless the context suggestsotherwise, the term “fingerprint” refers to either the print of thethumb, index finger, or any other finger.

Metric properties include, but are not limited to, grip and pointpressure (e.g.—pressure sensors), position of the index finger relativeto the point, position of the thumb relative to the index finger(e.g.—thermal sensors), angle of the stylus during usage (e.g.—agyroscope), Where the writing is a signature, the metric sensors mayalso include speed of signing (e.g.—a timer), and increases anddecreases of speed during signing (e.g.—an accelerometer).

For a more complete understanding of the identity authentication deviceof the present invention, reference is made to the following detaileddescription and accompanying drawings in which the presently preferredembodiments of the invention are shown by way of example. As theinvention may be embodied in many forms without departing from spirit ofessential characteristics thereof, it is expressly understood that thedrawings are for purposes of illustration and description only, and arenot intended as a definition of the limits of the invention. Throughoutthe description, like reference numbers refer to the same componentthroughout the several views.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A discloses a first preferred embodiment of the identityauthentication device of the present invention, the device beingportable and wireless;

FIG. 1B discloses a first preferred embodiment of the identityauthentication device of the present invention, the device beingattached to a counter;

FIG. 1C discloses a conventional signature pad of the prior art;

FIG. 2A discloses a simplified logic diagram of a method of enrolling anew customer into the identity authentication system of FIGS. 1 a, 1 b,or 1 c;

FIG. 2B discloses a simplified logic diagram of a method of enrolling anexisting customer into the identity authentication system of FIG. 1A;

FIG. 3 discloses a simplified logic diagram for one method of making apurchase at a POS terminal using the wireless customer identityverification system of FIG. 5;

FIG. 4 discloses a simplified logic diagram for processing a conversionrequest at POS terminal to enable conversion from a card referencefingerprint to a record reference fingerprint for the identityverification device of the present invention;

FIG. 5A discloses a simplified example of card memory for use with atethered identity authentication device of the present invention;

FIG. 5B discloses a simplified example of memory for a wirelessembodiment of the identity authentication device of the presentinvention;

FIG. 6A discloses a simplified example of a customer bank record for usewith the data record of FIG. 5A for the tethered identity verificationdevice of the present invention shown in FIG. 1B;

FIG. 6B discloses a simplified customer example of a bank record for usewith the data record of FIG. 5B for the wireless identity verificationdevice of the present invention shown in FIG. 1A;

FIG. 7 discloses a first text-capture stylus for use in the identityauthentication device of the present invention (Anoto AB of Stockholm,Switzerland); FIG. 8 discloses a modified C-pen text-capture stylus,said stylus having a stylus tip for generating an image on a papersurface or a digital surface (Anoto AB of Stockholm, Switzerland); andFIG. 9 discloses another text-capture stylus for use in the presentinvention, the “V-Pen™” (OTM Technologies Ltd. of Herzliya, Israel).

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Referring now to the drawings, as shown in FIGS. 1A and 1B, the identityauthentication device of the present invention is stylus-shaped. Aprocessor is disposed within the device. The stylus-shaped deviceincludes a scanner-type device component for capturing within theprocessor memory a written signature generated by the stylus while thestylus is writing upon a surface. A fingerprint sensor is disposedwithin the grip of the stylus. The fingerprint sensor enables thecapture of a digital signature of the writer at the same time that thewritten signature of the writer is captured. Once the identity of thewriter has been authenticated by comparison against a reference print,the signature of the writer irrefutable. The device serves the samegeneral purpose and can be used in lieu of a signature pad. The deviceis either attached to a surface or is portable and wireless.

The smart-pen includes a processor with memory disposed therewithin. Thesmart-pen is a handheld pen-shaped device that captures text as the textis generated. The smart-pen can replace a signature pad in the identityconfirmation system of the present invention. These smart-pens aregenerally wireless. Several such devices are commercially available—forexample Anoto, and n-scribe. The smart-pens capture text written on anysurface (a napkin, a tablecloth, or a tablet). The smart-pen isthereafter linked to a conventional computer where the text isdownloaded into the user's file—for editing purposes or for printing ahard copy of the captured data.

The Anoto smart-pen is shown in FIG. 7—the smart-pen including afingerprint sensor. The main parts of the Anoto smart-pen are a digitalcamera, an image-processing unit and a Bluetooth radio transceiver. Thesmart-pen also contains an ink cartridge so that the actual writing orpicture can be viewed as drawn. The smart-pen has no buttons ordisplays, and looks and feels like an ordinary ballpoint pen. The Anotoinput device is just a piece of ordinary paper on which a proprietarypattern has been printed. For the eye this pattern is perceived as aslightly off-white color. A very small portion of the pattern uniquelydefines the position on the full pattern, which encompasses an areaexceeding 1.8 million square miles. The dots of the written pattern areilluminated by infrared light, making them visible for the digitalcamera. Digital snapshots are taken of the pattern. The ink from thesmart-pen is invisible to the camera, so that the writing does notdegrade the pattern. The image processor calculates, in real-time, theexact position in the entire pattern. During image processing, snapshotsare compared and information about how the smart-pen is held is alsogathered and stored. All the data from the image processor is packagedand loaded into the smart-pen memory, which can store several fullywritten pages. The information is transmitted by the Bluetoothtransceiver, either directly to a processor, or forwarded via a relaydevice (e.g. mobile phone, personal computer or handheld device) to aLook-up Service. From here some information is forwarded for furtherprocessing elsewhere. A force-sensing resistor measures the tip forceapplied to the smart-pen.

The n-scribe smart-pen comprises a ballpoint pen and cover. To use thesmart-pen, the cover is removed and clipped to any paper, notebook orother flat surface that is writing on—no special paper is required.During the writing, the smart-pen emits infrared light that is receivedby the two infrared sensors in the cover of the smart-pen. Together theywork like the guidance system in a cruise missile, constantly adjustingand transcribing the location of the smart-pen in relationship to thetwo fixed points. As the smart-pen moves, the information is constantlyupdated in real time, tracking the movements of the tip of thesmart-pen. Everything is captured—drawings, writings, numbers; whateveris written with the smart-pen is stored in pen memory. And because thesmart-pen is both a traditional ink pen and an electronic transmitter,the writing can be seen while the pen cover is capturing the data forelectronic storage. The smart-pen looks and writes like a regular pen,yet lets users transmit handwritten information over cellular phones orother Internet-ready appliances to the Web, where the transmission canbe distributed as an instant message, e-mail or fax, or stored forfuture reference. There is no need to re-key data, and no special paperor pads are required. The smart-pen can be packaged for use as anaccessory to most popular electronic products and services, includingcell phones, hand-held computers, desktops and laptop computers, andother electronic portable devices.

Another smart-pen stylus for use with the identity confirmation systemof the present invention is a modified C-PEN. C-PEN is a pen-shapedtext-capture device that reads and captures text into a processormounted within the device. By mounting a stylus (either with or withoutthe ink cartridge) this device can also be used as a smart-pen andreplace a signature pad—see FIG. 8. The device allows the writer towrite characters by using the smart-pen like an ordinary ballpoint pen.The smart-pen can follow its own movement over a surface and recognizethe movement as a letter or numeral.

FIGS. 2A and 2B disclose simplified methods for registration for new andexisting customers, respectively. The primary difference in the twomethods is that for the new customer, the customer record must becreated. For the existing customer, the customer record is already inexistence but a confirmation check is needed to confirm that thecustomer has authorized access to the account.

The smart pen can be attached to a POS terminal, attached to a pen-basedcomputer, or a signature pad. In addition, the stylus can be wireless,whereby a transponder is incorporated into the wireless stylus. Eachstylus also includes one or more fingerprint sensors that capture animage of a finger of the customer when the stylus is grasped. Thetransponder responds to a radio signal by emitting its own radio signal.Each transponder is tagged with a unique serial number. That serialnumber can be linked with a credit or debit account. A typical sale mayproceed as follows (see FIG. 3). The customer selects goods and proceedsto a POS terminal. The POS terminal indicates that the transaction willbe paid through a transponder. An interrogator disposed at the POSterminal collects data from the transponder. A light advises thecustomer that the payment has been accepted. Payment is made instantlyfrom the customer's registered account.

Another preferred embodiment of the identity verification system of thepresent invention is depicted in FIGS. 2A and 2B. For example in abranch office of a bank—a controlled environment, the pens of thepresent invention are placed at all tellers' windows, all ATMs, and allofficers' desks. New customers are given a debit/check/ATM card uponfilling out an application. The customer uses a pen similar to the pensat the tellers' windows. The customer's reference print is capturedduring registration, preferably within a branch office of the bank andelectronic fingerprint image that is encrypted is stored in thecustomer's bank record. Such cards can actually be issued anddistributed to customers once registration is completed, much the sameas hotels use to issue room keys upon registration—the cards arepreprinted and certain data is loaded onto the card prior to issuance.

The use of this transponder as a component of the pen-based verificationsystem of the present invention enables the transponder to be compatiblewith both card-based and cardless systems. In the card-based system, thedevice is swiped through a cardreader at the POS terminal—and thecustomer signs her name using the fingerprint stylus. The referencefingerprint image is stored in the smart card/transponder device, whichis also where the matching of the sensed print (from the pen) iscompared with the reference fingerprint image. This embodiment enablingcompatibility with both cardreaders and transponders also is key inenabling a transition to a cardless system.

When wireless devices are used, system security becomes even more of aconcern, since an integral part of the system, is not attached to thesystem, but rather is portable and carried by a customer. When thereference print is stored inside the identity authentication device ofFIG. 1A and is carried by the customer, either of the followingtechnologies may also be employed:

U.S. Pat. No. 5,619,025 (Hickman, et al.) Discloses a method fortamper-proof identification using photo refractive crystals. The methodfor document authentication exploits a temporally variable physicalprocess to generate a reproducible effect that cannot be copied. Adocument such as a credit card is provided with a spot or stripe thatincorporates at least one, and preferably a large plurality of photorefractive crystals arrayed in a random manner. The documentauthenticating apparatus includes a coherent light source such as adiode laser to illuminate the photo refractive crystals, and aphotosensor to receive light scattered from the photo refractivecrystals. The random distribution and orientation of photo refractivecrystals comprises a unique characteristic for each card or document,and this characteristic is not based on any assigned number or code. Theresponse of photo refractive crystals to the coherent illuminationcomprises a time-varying characteristic that is dependent upon theintensity and temporal nature of the illumination itself. Input to thelaser illuminator may be varied to elicit differing responses from thephoto refractive crystals, and this factor may be very difficult for acounterfeiter to ascertain. Also, for any given illumination intensityor temporal pattern, the image received by the photosensor varies withtime. The time at which the photosensor signal is sampled to obtain anidentifying image may also be varied, thereby further compounding thedifficulty for a counterfeiter to overcome. A large number of“snapshots” of the time-varying image of the document is electronicallycaptured, digitized, and stored in an electronic media. The photosensorsignal is compared to the stored data; a match indicates a validdocument, and no match indicates an invalid or unauthorized document.The image recognition process can be enhanced by comparing the rate ofchange in a sequence of images elicited by the laser illuminator.

U.S. Pat. No. 5,834,748 (Litman) discloses a card that includes magneticparticles and is difficult to counterfeit. The signal strength, period,amplitude and/or alignment of the magnetic field may be read as codedinformation by a magnetic reading head. The encoding of this informationcan be made increasingly difficult to imitate or forge by varyingparameters within these (and other) mechanically readable inscriptions.The apparatus readable (mechanically readable) security means to preventforgery of identification cards, (including the new smart cards withreadable chips therein) and pens. The security of the pens is enhancedby the implementation of a mechanically readable security system, whichincludes a mechanically readable magnetic marking embedded in thetransactional item. The marking also may be visually notable orreadable, but it at least must be readable by a reading head capable ofreading the passage of a magnetic material by the head. The marking ispreferably in the form of at least two magnetic filaments or strips andpreferably includes a multiple number of filaments of differingcoerciveness, magnetic field strength, magnetic field alignment, size orspacing so that when the pen is passed at a defined and preferablyconstant speed through the reading device, approval will be given onlywhen the proper signal is provided by the ordered array of appropriatemagnetic elements in the pen.

Registration can also occur without the pen, but rather with afingerprint that captures essentially a complete fingerprint of thefinger for references purposes. Subsequently, when the pen is used, thepartial print is compared to the complete fingerprint for matchingpurposes.

The fingerprint sensors of choice is the Authentec's EntréPad® AES3400is Authentec's low-power, small touch sensor. The EntréPad AES3400 has ahigh-rate image capture of up to 32 frames per second. The sensor isoptimized for use in portable and laptop personal computers, and PDAs.The detection matrix is 128×128 pixels and the array size is 6.5 mm×6.5mm with 500 ppi high-resolution images.

Referring now to FIG. 9, another text-capture pen-type device isdiscosed, “V-Pen™,” is commercially available from OTM Technologies Ltd.of Herzliya, Israel.

The user writes with the text-capture device on any surface. Therelative motion is captured by the sensor located at the tip of thedevice, decoded into ASCII characters using a character recognitionsoftware (ICR), and streamed to the handset screen. In a similar way,the user can draw a picture or move the cursor on the handset screen.

A sensor measures the relative motion of surfaces placed adjacent to itsaperture. It includes a laser diode, detectors and optics integratedinto a small transistor-style package. An optical grating is integratedin the sensor optics and reflects part of the illuminating light asback-diffracted beams that are focused onto the detectors. The measuredsurface is also illuminated by a single collimated laser beam, andreflects light in all directions. Part of the light reflects back fromthe surface onto the detectors. The grating reflected beam serves as alocal oscillator, which interferes with the reflected surface light forcoherent homodyne detection by the detector.

A two-dimensional grating having three or more non-collinear diffractionorders is used for three-dimensional (3D) motion measurement. Thearrangement of the detectors inside the components allows measurement oforthogonal axes.

The text-capture device converts handwriting to the ASCII text and sendsit straight to a designated handset, PDA, PC or iTV. Also, the device isversatile, and is useful for writing e-mails, SMS notes, calendarentries and URL addresses. The text-capture device can also be used as aregular pen.

The devices of the present invention are also useful in any hotel toimprove security involving on-site charging to a room. The principles ofthis invention are applicable to controlled environments other thanresorts, hotel-casinos, hotels, and casinos. As used herein, unless thecontext suggests otherwise, a controlled environment is a community ofpeople that: (1) requires registration to become a part of thecommunity; and (2) where the purchase of goods or services occurs. Someexamples of controlled environments include: hotels-resorts, luxurycruise liners, airports, banks, racetracks, bowling alleys, theme parks,hospitals, college campuses and public/private schools, military bases,hotel-casinos, sports complexes, shopping malls, and prisons. Onceenrolled into the cardless transaction system of the present invention,any guest upon registration with the hotel complex has full and completeaccess to any amenity within the complex, at anytime, without carryingon his/her user anything other than biometric identification that isinherent in his/her being. As used herein a “controlled environment”does not require a single physical structure, but rather also includes anetwork of related activities administered by a centralized driver. Someexamples of these type controlled environments include a bank and itscustomers, a regional of drugstores, health club facilities,restaurants, or beauty salons and their customers.

Examples include:

-   -   Hotels-resorts—the key provides access to the guest room and        other private suites and for guest tracking while the        cash-alternative instrument is used for all on-site purchases.    -   Luxury cruise liners—the key provides access to the guest room        while the cash-alternative instrument is used as a method of        payment for all on-site purchases.    -   Airports—the key provides access to private clubs for preferred        passengers and security access for airport security personnel        while the cash-alternative instrument is used as a method of        payment for tickets, food, car rentals, etc.    -   Hotel-casinos—the key provides access to the guest room while        the cash-alternative instrument is used for all purchases within        the complex (particularly useful when chips and cash are not        used for gaming—player tracking).    -   Racetracks, bowling alleys, pool halls—key is used for access to        the facility and private rooms on site while the        cash-alternative instrument is used as a method of payment for        on-site purchases.    -   Theme parks—the key provides gate entry and entry to any private        facilities within the park while the cash-alternative instrument        is used as a method of payment within the park.    -   Hospitals—the key provides access to the patient rooms (private        and semi-private) while the cash-alternative instrument is used        for purposes of identification for treatment purposes and        patient tracking and for purchases. The key can be used by        physicians, nurses, and administrative personnel for access to        secure areas, parking, access to patient records, and the        cash-alternative instrument can be used for on-site purchases.    -   College campuses and public/private schools—the key provides        access to the dorm and individual rooms and classrooms and for        purposes of identification while the cash-alternative instrument        is used for student aid requests, scholarships, and purchases on        campus (cash-alternative instrument also used for identification        for medical treatment).    -   Military bases—the key is used for identification for access        into the base, secure areas within the base, and individual        rooms and tracking while the cash-alternative instrument is used        as a method of payment for purchases on-site.    -   Prisons—the key is used for cell access and inmate tracking        while the cash-alternative instrument is used as a method of        payment on site.    -   Sports complexes—the key provides access to the gate and private        suites while the cash-alternative instrument is used as a method        of payment within the complex.

Shopping malls—the key provides access to the mall and privaterestaurants/suites and shopper tracking while the cash-alternativeinstrument is used as a method of payment on-site.

Throughout this application, various U.S. patents, patent applications,and pct applications are referenced by number and inventor. Thedisclosures of these patents and applications in their entireties arehereby incorporated by reference into this specification in order tomore fully describe the state of the art to which this technologypertains. It is evident that many alternatives, modifications, andvariations of the identity authentication device of the presentinvention will be apparent to those skilled in the art in light of thedisclosure herein. It is intended that the metes and bounds of thepresent invention be determined by the appended claims rather than bythe language of the above specification, and that all such alternatives,modifications, and variations which form a conjointly cooperativeequivalent are intended to be included within the spirit and scope ofthese claims.

1. An identity authentication device having the general shape of astylus, the device comprising: a processor disposed within the stylus,the processor having memory, the stylus including a component forcapturing within the processor memory data pertaining to a writinggenerated by the stylus upon a writing surface; and a sensor disposedwithin the grip of the stylus, the sensor enabling the capture of abiometric or metric property of a user while the stylus is being used togenerate the writing.
 2. The identity authentication device of claim 1,wherein the sensor disposed in the stylus grip captures fingerprintdata.
 3. The identity authentication device of claim 1, wherein thedevice is wireless and portable.
 4. The identity authentication deviceof claim 1, wherein the writing surface is a digital surface, the stylusbeing a tethered connection proximate to the digital surface.
 5. Astylus for generating a writing on a surface, the stylus comprising astylus body having a stylus grip, a stylus memory, and a sensor disposedin the stylus grip, the sensor capturing a metric or biometric propertyof a user while the stylus is used to generate the writing, data writtenusing the stylus being retained in the stylus memory; whereby a match ofthe captured metric or biometric property of the user with a referencemetric or biometric property is needed to gain access to the dataretained in the stylus memory.
 6. The stylus of claim 1, wherein thesensor disposed in the stylus grip captures fingerprint data.
 7. Thestylus of claim 1, wherein the device is wireless and portable.
 8. Thestylus of claim 1, wherein the writing surface is a digital surface, thestylus being a tethered connection proximate to the digital surface. 9.A stylus for generating a writing on a surface, the stylus comprising(a) a stylus body, the stylus body having a stylus grip; (b) a stylusmemory, the stylus memory being disposed within the stylus body; and (c)a sensor disposed in the stylus grip, the sensor capturing a metric orbiometric property of a user while the stylus is used to generate thewriting; whereby data written using the stylus is retained in the stylusmemory; and whereby a match of the captured metric or biometric propertyof the user with a reference metric or biometric property is needed togain access to the data retained in the stylus memory.
 10. The stylus ofclaim 9, wherein the sensor disposed in the stylus grip capturesfingerprint data.
 11. The stylus of claim 9, wherein the device iswireless and portable.
 12. The stylus of claim 9, wherein the writingsurface is a digital surface, the stylus being a tethered connectionproximate to the digital surface.